Cyber Skills Training at SANS Southern California- Anaheim 2018. Save $400 thru 12/20.

Network Security 2017

Las Vegas, NV | Sun, Sep 10 - Sun, Sep 17, 2017
This event is over,
but there are more training opportunities.

Increase Network Visibility: Methods to Feed IDS Sensors

  • Brandon Peterson, Master's Degree Candidate
  • Monday, September 11th, 8:15pm - 8:55pm

IDS sensors are a valuable tool for monitoring malicious activity on a network. However, to be useful, they must be feed with network traffic. This becomes challenging as most organizations no longer use a simple network architecture consisting of just an internal, DMZ, and external network. Instead, organizations split their internal network into many smaller segments, typically have multiple DMZs, and often utilize more than one ISP for Internet access. Additionally, most organizations will have multiple locations and may be using multiple cloud service providers. To inspect the traffic from multiple disparate environments, network security administrators need to understand the pros and cons of the many different methods of packet capturing available. This presentation discusses the most common methods available: Taps, SPANs, RSPANs, and ERSPAN. The discussion will also cover some of the tools and techniques used to benchmark these methods in your own environment. Understanding these methods will help ensure organizations can monitor their entire network in the most cost effective manner possible.

Speaker Bio: Brandon Peterson leads the Desert Research Institutes Cyber Security and Incident Response team. A native Nevadan and graduate of the University of Nevada, Reno, Brandon has spent the last 18 years managing IT infrastructure and security for banking, media, higher education and research. Brandon is committed to excellence and improving Nevada's cyber security posture through collaboration, training, and research.

A winner of the SANS Ninja coin contest for Network Penetration Testing and Ethical Hacking, Brandon is a proven expert in cyber security. In addition to his GIAC GPEN certification, Brandon holds the GCIH, GSEC, GCED, GCIA certifications from SANS and the Certified Information Systems Security Professional (CISSP) certification from (ISC). Brandon is a candidate for the Master of Science degree in Information Security Engineering from the SANS Technology Institute.


Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:

  • SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
  • Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
  • Vendor: Events hosted by external vendor exhibitors.
  • Lunch & Learn: Short presentations given during the lunch break.
  • Master's Degree Presentation: Presentations given by SANS Technology Institute's Master's Degree candidates.
Sunday, September 10
Session Speaker Time Type
General Session - Welcome to SANS Bryan Simon Sunday, September 10th, 8:00am - 8:30am Special Events
Actionable Detects: Blue Team Cyber Defense Tactics Seth Misenar Sunday, September 10th, 7:15pm - 9:15pm Keynote
Monday, September 11
Session Speaker Time Type
Does your current firewall rise above the Evasion Gap? Michael Knapp, Director, Network Security Architects for the Americas Monday, September 11th, 12:30pm - 1:15pm Lunch and Learn
How ForeScout Supports the Critical Security Controls Peter Underwood, Systems Engineer, ForeScout Technologies Monday, September 11th, 12:30pm - 1:15pm Lunch and Learn
Data Breaches on the Dark Web: Between Defense and Response Alex Viana, VP of Engineering, Terbium Labs Monday, September 11th, 12:30pm - 1:15pm Lunch and Learn
The Next Evolution of Protection: Introduction to Deep Learning Cameron Byers, Enterprise Sales Engineer Monday, September 11th, 12:30pm - 1:15pm Lunch and Learn
How to Beat Evasive Malware at Its Own Game Lenny Zeltser, VP Products Monday, September 11th, 12:30pm - 1:15pm Lunch and Learn
Smartphone and Network Forensics Goes Together Like Peas and Carrots Heather Mahalik and Phil Hagen Monday, September 11th, 7:15pm - 8:15pm SANS@Night
The 14 Absolute Truths of Security Keith Palmgren Monday, September 11th, 7:15pm - 8:15pm SANS@Night
Industrial Control System Active Defense and Threat Intelligence Robert M. Lee Monday, September 11th, 7:15pm - 8:15pm SANS@Night
Introduction to Reversing with IDA Stephen Sims Monday, September 11th, 7:15pm - 8:15pm SANS@Night
Stuck in the Box, a SIEM's Tale Justin Henderson Monday, September 11th, 8:15pm - 9:15pm SANS@Night
Be the Cheat Sheet. Know Memory. Alissa Torres Monday, September 11th, 8:15pm - 9:15pm SANS@Night
Increase Network Visibility: Methods to Feed IDS Sensors Brandon Peterson, Master's Degree Candidate Monday, September 11th, 8:15pm - 8:55pm Master's Degree Presentation
Tuesday, September 12
Session Speaker Time Type
Vendor Solutions Expo Tuesday, September 12th, 12:00pm - 1:30pm Vendor Event
Vendor Solutions Expo Tuesday, September 12th, 5:30pm - 7:30pm Vendor Event
Women's CONNECT Event Hosted by SANS COINS program and ISSA WIS SIG Tuesday, September 12th, 6:00pm - 9:15pm Special Events
GIAC Program Presentation Jeff Frisk Tuesday, September 12th, 6:15pm - 7:15pm Special Events
Introducing DeepBlueCLI, a PowerShell Module for Hunt Teaming via Windows Event Logs Eric Conrad Tuesday, September 12th, 7:15pm - 8:15pm SANS@Night
The Seven Deadly Sins of Incident Response Jake Williams Tuesday, September 12th, 7:15pm - 8:15pm SANS@Night
You've Got Ransomware! Managing the Legal Risk of Cyber Fraud Benjamin Wright Tuesday, September 12th, 7:15pm - 8:15pm SANS@Night
Lets Go Hunting Bad Guys. John Strand Tuesday, September 12th, 8:15pm - 9:15pm SANS@Night
Ten Tenets of CISO Success Frank Kim Tuesday, September 12th, 8:15pm - 9:15pm SANS@Night
Control Things Platform Justin Searle Tuesday, September 12th, 8:15pm - 9:15pm SANS@Night
Wednesday, September 13
Session Speaker Time Type
How to Become a SANS Instructor Eric Conrad Wednesday, September 13th, 12:30pm - 1:15pm Lunch and Learn
Looking Beyond Your Four Walls: Periphery Threat intelligence Josh Fu, Sr. Sales Engineer Wednesday, September 13th, 12:30pm - 1:15pm Lunch and Learn
Why a Holistic Approach is Crucial in Cyber Security Keith Buswell, Sales Engineer Wednesday, September 13th, 12:30pm - 1:15pm Lunch and Learn
ICS Down...It's Go Time! Jason Dely, Professional Services Technical Director, ICS and Critical Infrastructure Wednesday, September 13th, 12:30pm - 1:15pm Lunch and Learn
Visibility and Security in the age of Digital Transformation Gill Langston, Director of Product Management, Qualys Wednesday, September 13th, 12:30pm - 1:15pm Lunch and Learn
Response Policy Zones (RPZ):Using DNS to Choke Malware, Botnets, and Ransomware Matt Stith, Product Manager, Spamhaus Technology; Arnie Bjorklund, SecurityZones Wednesday, September 13th, 12:30pm - 1:15pm Lunch and Learn
Using In-Memory Techniques to Battle Linux Malware Nolan Karpinski, Product Lead. Wednesday, September 13th, 12:30pm - 1:15pm Lunch and Learn
So, You Wanna be a Pentester? Adrien de Beaupre Wednesday, September 13th, 7:15pm - 8:15pm SANS@Night
Three Keys to Mobile Security: Are You Doing Everything You Can to Protect Your Apps? Gregory Leonard Wednesday, September 13th, 7:15pm - 8:15pm SANS@Night
Malware Analysis for Incident Responders: Getting Started Lenny Zeltser Wednesday, September 13th, 7:15pm - 8:45pm SANS@Night
Anti-Ransomware G. Mark Hardy Wednesday, September 13th, 8:15pm - 9:15pm SANS@Night
Secure DevOps: Static Analysis & the Puma‚s Tail Eric Johnson Wednesday, September 13th, 8:15pm - 9:15pm SANS@Night
Don't Always Judge a Packet by Its Cover Gabriel Sanchez, Master's Degree Candidate Wednesday, September 13th, 8:15pm - 8:55pm Master's Degree Presentation
Thursday, September 14
Session Speaker Time Type
The Three Cs to Building a Mature Awareness Program Lance Spitzner Thursday, September 14th, 7:15pm - 8:15pm SANS@Night
Selling Your Information Security Strategy David Todd, Master's Degree Candidate Thursday, September 14th, 7:15pm - 7:55pm Master's Degree Presentation
Securing Your Kids Lance Spitzner Thursday, September 14th, 8:15pm - 9:15pm SANS@Night
Privacy and Legal Dimensions in Increasingly Connected Digital World Muzamil Riffat, Master's Degree Candidate Thursday, September 14th, 8:15pm - 8:55pm Master's Degree Presentation